Posts

Showing posts from June, 2024

Insider Risk Management - Policy Creation

Image
Insider Risk Management - One of the important wings of Microsoft Purview which help us to setup policy to minimize the insider threat being executed/exposed. Following are simple setup setps to create one such policy. Micrsoft provider simple template to configure the policy. Go to Microsoft Purview portal >> Click on Insider Rick Management .  On the left navigation bar, click on Policies . And finally Click on  + Create Policy. Specific to this exsmple, this policy is going to monitor all the interaction is happening with health related data managed and support by a specific team. You can select all user base, or selective user/group who are e;ligible to work with health related data. Most of the cases, we select all user base where thispolicy could be applied, however, for quick turn around on daily basis for specific support-team/project-team, you can setup an additional policy here. Triggering events are events that determine if a user is active in an insider...

Microsoft Purview - Insider Risk Management - Final Part Two

Image
Insider Risk Management - What it does? - Activities intended to detect and/or prevent a person from using authorized access to the organization’s assets—either maliciously or unintentionally—in a way that negatively affects the organization. BTW - here is Part 1 of Insider Risk Management post -  https://www.blogger.com/blog/post/edit/474784438622669562/6058210346412545481     There are two main types of insider risk we found: inadvertent and malicious.   Inadvertent: An employee unintentionally causes harm -  unsafe actions, misuses resources, causes accidental data leakage   Malicious: An employee sets out to cause harm - data stole, IP theft, Unauthorized disclosure   Malicious cases, while less common, can be more costly.     Question is how does a company help mitigate all these risk factors and free from all these bad things and concentrate on Organizational growth only. This is most sensitive program, and person who lead or ...

Micrsoft Purview - Insider Risk Management

Image
With the emerge and vast acceptable of digitalization and as the digital landscape continues to grow, the risk landscape for organizations has been changed significantly. Earlier days, insider risk management team are part of the security team who make sure some kind of end-user training on data protection is in place and ensuring the security of corporate assets are in place.  Due to digitalization and as industry shift totally towards cloud era, the data size is keep growing and growing in exponential manner. More apps, more application organization is demanding and hence more monitoring and required tight control is required to be in place. Personally, I believe due to Covid, the work from home culture demands more the role of Chief Information Security Officer (responsible for data protection and manage the insider risk threats).  Controlling the security/threats/damages now is not limited to some modules/check points/assessments, it is now altogether a new era and hence M...

Microsoft Purview - The New Road

Image
  Microsoft Purview - A comprehensive set of solutions comming by clubbing Azure Purview and Microsoft 365 Compliance products which help your organization govern, protect, and manage your data. You can see more insights of your data wherever it lives and gain full control data life cycle. Three Pillars Data security: Solutions include: Data Loss Prevention Information Barriers Information Protection Insider Risk Management Privileged Access Management By defining and applying DLP policies, you can identify, monitor, and automatically protect sensitive items - PI, and SPI. DLP detects sensitive items by using deep content analysis. DLP lifecycle - Plan, Prepare, and Deploy. DLP policies can be applied to data at rest, data in use, and data in motion in locations such as: Exchange Online email SharePoint sites OneDrive accounts Teams chat and channel messages Microsoft Defender for Cloud Apps Windows 10, Windows 11, and macOS (three latest released versions) devices On-premise...